48313 matches found

CVE | added 3 days ago | 13 views

CVE-2026-54891

The CVE-2026-54891 entry concerns Erlang/OTP ssl (tls_gen_connection.erl) where a network-positioned attacker can inject unauthenticated plaintext during TLS handshake. The tls_gen_connection:handle_protocol_record/3 function rejects APPLICATION_DATA in pre-handshake when acting as a server, but ...

CVSS 6.3 | AI score 5.8 | EPSS 0.00164
Exploits 0 | References 5

OSV | added 3 days ago | 4 views

EEF-CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl

Summary: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl tls_gen_connection module allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server...

CVSS 6.3 | AI score 5.8 | EPSS 0.00164
Exploits 0 | References 4

EUVD | added 3 days ago | 5 views

EUVD-2026-41414

Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Erlang/OTP ssl dtls_packet_demux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtls_packet_demux gen_server process to route incoming UDP...

CVSS 8.7 | AI score 5.8 | EPSS 0.00406
Exploits 0 | References 5

ATTACKERKB | added 3 days ago | 4 views

CVE-2026-55950

Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Erlang/OTP ssl dtls_packet_demux module allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a single shared dtls_packet_demux gen_server process to route incoming UDP...

CVSS 8.7 | AI score 5.8 | EPSS 0.00406
Exploits 0 | References 6 | Affected Software 1

Debian CVE | added 3 days ago | 4 views

CVE-2026-55952

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tls_handshake_1_3:handle_pre_shared_key/3, an OfferedPreSharedKeys record with a...

CVSS 8.2 | AI score 5.9 | EPSS 0.00464
Exploits 0

EUVD | added 3 days ago | 5 views

EUVD-2026-41412

The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tls_handshake_1_3:handle_pre_shared_key/3, an OfferedPreSharedKeys record with a...

CVSS 8.2 | AI score 5.9 | EPSS 0.00464
Exploits 0 | References 7

ATTACKERKB | added 3 days ago | 5 views

CVE-2026-53422

Observable Response Discrepancy vulnerability in Erlang OTP ssh ssh_sftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSH_FXP_REALPATH handler in ssh_sftpd calls relate_file_name/3 with Canonicalize=false, unlik...

CVSS 2.3 | AI score 5.8 | EPSS 0.00333
Exploits 0 | References 8 | Affected Software 1

OSV | added 3 days ago | 3 views

USN-8498-1 linux-nvidia-tegra vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

CVSS 9.8 | AI score 6.4 | EPSS 0.00686
Exploits 4 | References 298

OSV | added 3 days ago | 3 views

USN-8492-2 linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

CVSS 9.8 | AI score 6.4 | EPSS 0.00686
Exploits 4 | References 300

Chainguard | added 3 days ago | 4 views

CVE-2024-52281 vulnerabilities

Vulnerabilities for packages: harvester-fips, harvester...

CVSS 8.9 | AI score 7 | EPSS 0.00476
Exploits 0

Chainguard | added 3 days ago | 3 views

CVE-2023-32198 vulnerabilities

Vulnerabilities for packages: rancher, harvester-fips, harvester, rancher-agent...

AI score 7.1 | EPSS 0.00296
Exploits 0

Chainguard | added 3 days ago | 4 views

GHSA-64JQ-M7RQ-768H vulnerabilities

Vulnerabilities for packages: harvester-fips, harvester...

AI score 5.9
Exploits 0

Chainguard | added 3 days ago | 5 views

GHSA-7RP8-R62P-Q6WC vulnerabilities

Vulnerabilities for packages: cg, dl, wolfictl, apply-cve-bump...

AI score 5.9
Exploits 0

Wolfi | added 3 days ago | 6 views

GHSA-VH4V-2XQ2-G5CG vulnerabilities

Vulnerabilities for packages: zarf, cluster-api-helm-controller, kube-arangodb, k8ssandra-client, k9s, rancher, argocd-image-updater, kubescape-operator, opentofu, argo-cd, chartmuseum, trivy-operator, consul-k8s, kargo, rancher-helm, steampipe, teleport, cert-manager-cmctl, headlamp, cilium-cli,...

AI score 5.9
Exploits 0

Wolfi | added 3 days ago | 8 views

GHSA-8XWF-RJM4-XVHV vulnerabilities

Vulnerabilities for packages: zarf, cluster-api-helm-controller, kube-arangodb, k8ssandra-client, k9s, rancher, argocd-image-updater, kubescape-operator, opentofu, argo-cd, chartmuseum, trivy-operator, consul-k8s, kargo, rancher-helm, steampipe, teleport, cert-manager-cmctl, headlamp, cilium-cli,...

AI score 5.9
Exploits 0

Wolfi | added 3 days ago | 10 views

CVE-2026-48978 vulnerabilities

Vulnerabilities for packages: zarf, cluster-api-helm-controller, kube-arangodb, k8ssandra-client, k9s, rancher, argocd-image-updater, kubescape-operator, opentofu, argo-cd, chartmuseum, trivy-operator, consul-k8s, kargo, rancher-helm, steampipe, teleport, cert-manager-cmctl, headlamp, cilium-cli,...

AI score 5.9
Exploits 0

OSV | added 3 days ago | 3 views

RHSA-2026:34160 Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update

Bulletin has no description...

CVSS 8.1 | AI score 6 | EPSS 0.0068
Exploits 5 | References 60

NVD | added 3 days ago | 8 views

CVE-2026-8482

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included, 5.0.0 to 5.0.5 included. There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

CVSS 4.3 | EPSS 0.00212
Exploits 0 | References 1

OSV | added 3 days ago | 4 views

RHSA-2026:28886 Red Hat Security Advisory: OpenShift Container Platform 4.14.68 packages and security update

Bulletin has no description...

CVSS 7.5 | AI score 6.8 | EPSS 0.01945
Exploits 4 | References 50

EUVD | added 3 days ago | 5 views

EUVD-2026-41271

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included, 5.0.0 to 5.0.5 included. There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

CVSS 4.3 | AI score 5.8 | EPSS 0.00212
Exploits 0 | References 1